To whom may be of help!
Finally got a few agents installed. Works well. Also have web ui working. I would like to know how to enable reporting and daily email reports to myself. I use the following and doesn’t start ossec-hids…
<ossec_config>
<reports>
<category>authentication_success</category>
<user type="relation">srcip</user>
<title>Daily report: Successful logins</title>
<email_to>m...@example.com</email_to>
Something tells me I need the snapshots to make this work (see below). When I go to download it gives me an error telling me site is now gone.
If you want to receive daily email reports (summaries) of your OSSEC alerts, you will like this new feature.
First, start off by downloading the latest snapshot: http://www.ossec.net/files/snapshots/ (get the latest file from there).
Any help is greatly appreciated….
Thanks!
Roberto Valenti
Director IT Operations
GRYPHON NETWORKS
617-279-2687 (Direct) | 508-826-1486 (Mobile)
► 100 Summer Street, Suite 800, Boston, MA 02110
This email and any files transmitted with it may contain confidential or legally privileged information and are intended solely for the use of the individual to whom it is addressed and others authorized to receive it. If you are not the intended recipient you are hereby notified that any use, disclosure, copying, or distribution of the information included in this transmission is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by responding to this email and then delete it from your system.